Thursday, June 16, 2011

Thoughts on the Great Bitcoin Heist

Drugs last week, a half-a-million-dollar heist this week... all Bitcoin needs now is a celebrity sex scandal to make the hype-meter go from 8 to 11.

So: what happened and what does it mean for Bitcoin?

Apparently, 25,000 bitcoins worth almost half a million dollars were stolen from somebody's machine.

Ouch.

First thought: to be clear, they didn't spend half a million dollars on those bitcoins; they were an early adopter who managed to generate them back when bitcoins were nearly worthless and generating bitcoins was hundreds of thousands of times easier than it is today. That makes me feel a little better; if it was somebody who lost their life savings I'd be much more upset. I'll say it again: DO NOT PUT YOUR LIFE SAVINGS IN BITCOIN. That is risky and a bad idea at this point.

Second thought: this was not a failure or breach of the bitcoin payment network. It isn't yet clear exactly how the bitcoins were stolen; the most likely explanations are either malware infecting their system or somebody finding a backed-up copy of their wallet file. I'll be writing a blog entry about how I keep my bitcoins safe soon, and wallet security is the second thing on my bitcoin development priorities list (the first thing is making sure we handle any "scaling up" problems that might make it impossible for EVERYBODY to use their bitcoins).

Final thought: we can see where the bitcoins are going, so it is possible the person will be tracked down and caught as they spend the coins. They can try to 'hide their tracks,' but the big bitcoin exchangers have said that they'll cooperate with law enforcement to help catch criminals. Like stealing a famous painting, the crooks might have a hard time actually spending their ill-gotten loot.

It makes you feel better? What's the difference that he is an early adopter, he had something worth ~500k$ and if he sold it he would have this money in his pocket. He knew it, it's like winning a top prize in lottery and being stolen the ticket after a few days. Would you feel any difference if it was you? I know, perhaps he wasn't good enough in protecting it but it should have a better protection build in by default. I'm generally advocating the idea of bitcoin but some things have to be adressed and I thing there is little done to help that guy "allinvain". I'm courious if you'll delete this comment like you deleted others :)

Will law enforcement even investigate? If they do investigate, they can certainly trace the booty but can they prosecute if they 'catch' someone with it? More to the point, can they prosecute holders of the accounts to whom the original sum was distributed?

If 10BTC shows up in my wallet that originated through x transactions from a stolen wallet, what liability do I have?